we are developing an large web application which depend some private npm packages and public packages. we need to lock the version, but we can not sure which time to update these package and update the lock file.
Asked
Active
Viewed 29 times
0
-
Try this answer:https://stackoverflow.com/questions/44552348/should-i-commit-yarn-lock-and-package-lock-json-files/44904494 – Avi Mar 13 '19 at 05:22
1 Answers
0
In my web project, I update lock files only if i add, update, remove a node package for my project. In this case, I take advantage to update all packages of my lock files.
For the other developers who work in my web project, they use cmd :
npm ci
or
yarn install --frozen-lockfile
They must not absolutely modify the lock files.
Furthermore, i am sure that everybody have the same environment (for behavioral reproduction).
Batbaille
- 31
- 1
- 5